summaryrefslogtreecommitdiffstats
path: root/ipatests/test_integration
Commit message (Collapse)AuthorAgeFilesLines
* Support delegating RBAC roles to service principalsPetr Viktorin2014-08-211-0/+82
| | | | | | https://fedorahosted.org/freeipa/ticket/3164 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* ipatests: test_trust: Add test to cover lookup of trusdomainsTomas Babej2014-08-071-5/+31
| | | | | | | | | | | | | Adds an integration tests that checks that all trustdomains are able to be found by trustdomain-find command right after the trust has been established. Also moves some code to allow easier adding common test cases for both POSIX and non-POSIX test classes. https://fedorahosted.org/freeipa/ticket/4208 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: tasks: Fix dns configuration for trustsTomas Babej2014-07-151-14/+3
| | | | | | | | | Properly configure forwarders to the AD zone with respect to newly created ipa dnsforwardzone commands. https://fedorahosted.org/freeipa/ticket/4401 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* ipaplatform: Fix misspelled path constantTomas Babej2014-06-252-2/+2
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_sudo: Expect root listed out if no RunAsUser availableTomas Babej2014-06-251-2/+2
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_sudo: Do not expect enumeration of runasuser groupsTomas Babej2014-06-251-1/+1
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_sudo: Fix assertions not assuming runasgroupcat set to ALLTomas Babej2014-06-251-10/+10
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_sudo: Add coverage for category ALL validationTomas Babej2014-06-251-9/+184
| | | | | | | | | | | Makes sure sudorules behave correctly both when adding new entries with corresponding category set to ALL, and when setting the category to all when corresponding entries exist. The only exception of deny commands with cmdcategory ALL is covered as well. Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_sudo: Add coverage for external entriesTomas Babej2014-06-251-0/+87
| | | | | | | | | | Covers functionality of external entries for: * users * runAsUsers * groups of RunAsUsers * runAsGroups Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_sudo: Add tests for allowing hosts via hostmasksTomas Babej2014-06-251-0/+36
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipaplatform: Move all filesystem paths to ipaplatform.paths moduleTomas Babej2014-06-164-57/+61
| | | | | | https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: Enable SSSD debugging on legacy clients with SSSDTomas Babej2014-05-091-2/+11
| | | | | Reviewed-By: Jakub Hrozek <jhrozek@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Setup SSSD debugging mode by defaultTomas Babej2014-05-091-0/+28
| | | | | Reviewed-By: Jakub Hrozek <jhrozek@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: legacy clients: Do not use external hostnames for testing login to ↵Tomas Babej2014-05-091-2/+2
| | | | | | | legacy clients from master Reviewed-By: Jakub Hrozek <jhrozek@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Add Sudo integration testTomas Babej2014-05-092-1/+336
| | | | | Reviewed-By: Jakub Hrozek <jhrozek@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* test_integration.host: Export the hostname to dict as stringPetr Viktorin2014-04-221-1/+1
| | | | | | Our tests do strict type-checking, using unicode string causes failures. Reviewed-By: Tomas Babej <tbabej@redhat.com>
* ipatests: Fix incorrect UID/GID reference for subdomain users and groupsTomas Babej2014-04-171-4/+8
| | | | | | | | | In legacy client integration test, the test cases that query information from subdomain about subdomain users and group expected subdomain users and groups to have the UIDs/GIDs as users and groups in the root domain. Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: Allow using FQDN with trailing dot as final hostnameTomas Babej2014-04-171-1/+5
| | | | | | | | | | | | | | | When creating a BaseHost instance, the machine's hostname was reconfigured to have the same shortname prepended the domain name of the domain where it was defined. However, it makes sense in certain use cases to define hosts that have hostnames other than belonging directly in the domain they were defined in. Treat input hostnames with trailing dots as static FQDNs that will not be changed by the name of the domain they were defined in. Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: tasks: Accept extra arguments when installing clientTomas Babej2014-04-171-2/+3
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: Fix apache semaphores prior to installing IPA serverTomas Babej2014-04-171-0/+14
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* CI - test_forced_client_reenrollment stability fixAdam Misnyovszki2014-04-171-0/+4
| | | | | | | | fixes FreeIPA Jenkins CI test freeipa-integration-forced_client_reenrollment-f19 https://fedorahosted.org/freeipa/ticket/4298 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* CA-less tests: Use sequential certificate serial numbersPetr Viktorin2014-04-101-1/+4
| | | | | | | | When serial numbers were generated with $RANDOM, there could be collisions. Use sequential numbers instead. Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
* CA-less tests generate failureAdam Misnyovszki2014-04-081-0/+37
| | | | | | | | | | | CA-less test suite always generate failures when installing revoked certificates. This is a known issue, described in https://fedorahosted.org/freeipa/ticket/4270 , this fix skips these tests, outputting a warning for the later ticket. https://fedorahosted.org/freeipa/ticket/4271 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* ipatests: tasks: Wait 2 seconds after restart of SSSD when clearing the cacheTomas Babej2014-04-041-0/+3
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: legacy_clients: Relax regex checksTomas Babej2014-04-041-3/+3
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: legacy_clients: Use hostname instead of external hostname for AD ↵Tomas Babej2014-04-041-1/+1
| | | | | | subdomain Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: Make sure that remnants of PKI are removedTomas Babej2014-04-041-0/+9
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: Do not depend on the case of the attributes when testing ID rangesTomas Babej2014-03-261-4/+11
| | | | | | | | | In test_trust.py, several tests did case sensitive search on the output of the ipa idrange-show command. This could cause false negatives. Part of: https://fedorahosted.org/freeipa/ticket/4267 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* ipatests: test_trust: Change expected home directories for posix usersTomas Babej2014-03-242-4/+5
| | | | | | | | | | | | | | Information from the AD about the home directories is not leveraged at all, but is generated from the username and domain. Fix the assumptions in the tests. Also changes 'Subdomain Test User' to 'Subdomaintest User' to be more consistent. https://fedorahosted.org/freeipa/ticket/4184 Reviewed-By: Jakub Hrozek <jhrozek@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* test_integration.tasks: Do not fail cleanup if backup directory does not existPetr Viktorin2014-03-201-1/+2
| | | | | | | | | If the test backup directory was never created (for example if there was an early failure, or install was never run), we don't want the test to fail. Do not restore if the backup dir is not there. Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Add tests for integration test configurationPetr Viktorin2014-03-051-0/+437
| | | | Reviewed-By: Tomas Babej <tbabej@redhat.com>
* test_integration.config: Convert some text values to strPetr Viktorin2014-03-052-8/+8
| | | | | | | When loading from file, some strings are loaded as unicode, which would throw off assert_deepequal. Reviewed-By: Tomas Babej <tbabej@redhat.com>
* test_integration.config: Add environment variables for JSON/YAMLPetr Viktorin2014-03-051-1/+18
| | | | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/3938 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* test_integration.config: Load/store from/to dictsPetr Viktorin2014-03-053-5/+93
| | | | | | Part of the work for: https://fedorahosted.org/freeipa/ticket/3938 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* test_integration.config: Do not store the index in Domain and Host objectsPetr Viktorin2014-03-052-31/+35
| | | | | | | The index is a detail of the environment variable method of configuration, it should only be used there. Reviewed-By: Tomas Babej <tbabej@redhat.com>
* test_integration.config: Use a more declarative approach to test-wide settingsPetr Viktorin2014-03-051-57/+50
| | | | | | | | The list of options was duplicated too many times. Consolidate. Part of the work for: https://fedorahosted.org/freeipa/ticket/3938 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* test_integration.config: Do not save the input environmentPetr Viktorin2014-03-052-36/+25
| | | | | | | | | | | | | Using the input environment saved in self._session_env outside of the config loading meant that methods of configuration other than environment variables wouldn't be possible. Restructure the roles/extra_roles to not depend on _session_env. Part of the work for: https://fedorahosted.org/freeipa/ticket/3938 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* test_integration.config: Fix crash in to_env when no replica is definedPetr Viktorin2014-03-051-4/+10
| | | | Reviewed-By: Tomas Babej <tbabej@redhat.com>
* ipatests: Fix incorrect order of operations when restoring backupTomas Babej2014-02-251-1/+1
| | | | | | | | | | When restoring files from backup, we do use an incorrect order of operations - we first restore SELinux context and then copy the files from backup, when we need to do the exact opposite. https://fedorahosted.org/freeipa/ticket/4133 Reviewed-By: Jan Pazdziora <jpazdziora@redhat.com>
* ipatests: Do not require group name resolution for the non-posix testsTomas Babej2014-02-111-4/+16
| | | | | | | | | | In the non-posix tests on the legacy clients, the testuser does not belong to the testgroup (since this is represented by the NIS group membership). Relax the regular expression check for the output of the id testuser. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Change expected home directories returned by getentTomas Babej2014-02-112-8/+20
| | | | | | | | | | | | | The hardcoded values for the home directories for the AD users did not properly scale up from the POSIX attrs only test scanario. When using POSIX attrs, the home dir is returned as whatever is set in the AD (/home/username by default). Without using POSIX attributes, the /home/domain/username form is taken by default. Refactor the tests to take this behaviour into account. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Add test cases for subdomain users on legacy clientsTomas Babej2014-02-111-9/+113
| | | | | | | | | | | Adds test cases for: * getent subdomain user on legacy client * getent subdomain group on legacy client * getent id subdomain user on legacy client * ssh into legacy client with subdomain user * ssh into legacy client with disabled subdomain user Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Stop sssd service before deleting the cacheTomas Babej2014-02-101-2/+2
| | | | | | | | In the integration tests, we do not stop the sssd service before deleting the cache, but rather start it. We need to stop sssd before deleting the cache. Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: Make sure we re-kinit as admin before adding the disabledipauserTomas Babej2014-02-101-0/+2
| | | | | | | | | When we add the disabledipauser during the setup class part of the BaseTestLegacyClient, we need to make sure that we re-kinit admin since we do ntpsync with the AD just before that, which can render the previous ticket invalid. Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: Perform a connection test before preparing the clientTomas Babej2014-02-101-0/+4
| | | | | | | | | | | | When the host is down, the preparation of the host fails. This produces misleading errors, since the test framework reports that the actual command being executed failed, when in fact (in case of SSHTransport), the cause of failure was unability to establish a SSH session. https://fedorahosted.org/freeipa/ticket/4132 Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: legacy_clients: Test legacy clients with non-posix trustTomas Babej2014-02-101-13/+76
| | | | | | | | | Adds test cases for legacy client support with IPA that has estabilish trust with AD that does not leverage POSIX attributes defined on AD. https://fedorahosted.org/freeipa/ticket/4134 Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: Run restoring backup files and restoring their context in one sessionTomas Babej2014-02-051-10/+14
| | | | | | | | | | | | | | Restoring backup files and restoring their context were two separate commands, what means that in case we use SSHTrasport, which creates a separate SSH session for each command, we try to restore the SELinux context of the changed files in a new session. This causes problems, if the access to files themselves are necessary for the creation of the new SSH session. https://fedorahosted.org/freeipa/ticket/4133 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: Add records for all hosts in master's domainTomas Babej2014-02-051-0/+28
| | | | | | | | | | | | | | All the hosts in the domain have IPA master set as their only nameserver. However, the IPA master does not create records for these machines by default. This is not an big issue for clients or replicas, since those records do get created in other ways, but external hosts using their internal hostnames will not resolve. Adds an A record for each host in master's domain. https://fedorahosted.org/freeipa/ticket/4130 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_legacy_clients: Change "test group" to "testgroup"Tomas Babej2014-02-051-2/+2
| | | | | | | | | | The integration test for legacy clients used incorrectly "test group" instead of "testgroup" as group used on AD for test purposes. This is inconsistent with the usage of "testuser". https://fedorahosted.org/freeipa/ticket/4131 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* integration tests OpenSSHTransport: Expand tilde to home in ↵Petr Viktorin2014-02-051-1/+2
| | | | | | | | | root_ssh_key_filename Expand paths beginning with a tilde, such as the default ~/.ssh/id_rsa, to the home directory. https://fedorahosted.org/freeipa/ticket/4115
generated by cgit (git 2.34.1) at 2024-05-26 00:44:01 +0000